CVE-2026-44720
OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access to user accounts under specific conditions. This vulnerability is fixed in 2.0.4.
| CWE | CWE-287 CWE-347 |
| Vendor | th30d4y |
| Product | openlearnx |
| Published | May 27, 2026 |
| Last Updated | Jun 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for th30d4y openlearnx
Be the first to know when new unknown vulnerabilities affecting th30d4y openlearnx are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
th30d4y / OpenLearnX
< 2.0.4